Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifex mupdf vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-4216
A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream.
Artifex Mupdf
5.5
CVSSv3
CVE-2021-37220
MuPDF up to and including 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.
Artifex Mupdf
Fedoraproject Fedora 34
5.5
CVSSv3
CVE-2020-19609
Artifex MuPDF prior to 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing malicious users to cause a denial of service.
Artifex Mupdf
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2021-3407
A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.
Artifex Mupdf 1.18.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2020-16600
A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF library 1.17.0-rc1 and previous versions when a valid page was followed by a page with invalid pixmap dimensions, causing bander - a static - to point to previously freed memory instead of a newband_writer.
Artifex Mupdf 1.17.0
Artifex Mupdf
5.5
CVSSv3
CVE-2020-26519
Artifex MuPDF prior to 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing malicious users to cause a denial of service.
Artifex Mupdf
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.8
CVSSv3
CVE-2012-5340
SumatraPDF 2.1.1/MuPDF 1.0 allows remote malicious users to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
Sumatrapdfreader Sumatrapdf 2.1.1
Artifex Mupdf 1.0
Artifex Mupdf 1.1
1 EDB exploit
7.1
CVSSv3
CVE-2019-14975
Artifex MuPDF prior to 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.
Artifex Mupdf
7.8
CVSSv3
CVE-2019-13290
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote malicious users to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a displ...
Artifex Mupdf 1.15.0
9.8
CVSSv3
CVE-2019-7321
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an malicious user to execute arbitrary code.
Artifex Mupdf 1.14.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »